A recent Security Boulevard blog post by Bogdan Botezatu states that more organizations are adopting biometrics for security, but that barriers to adoption remain. As a voice biometric vendor, VBG takes great, on-going interest in the topic of adoption, so this month we’re taking a closer look at Bogdan’s post. Click here to view the complete blog post.
Bogdan’s article focuses on the opinions of almost 500 IT security professionals from the online Spiceworks community in North America and Europe. By way of contrast, our December 2017 article focused on a survey sponsored by VISA to assess consumer awareness and preferences toward biometric technologies. As with any technology, understanding the preferences of both those deploying the systems, as well as those consuming them, should lead to better overall acceptance by all parties.
There were several key barriers cited in Bogdan’s post:
Cost. 67% of survey respondents listed cost as the biggest barrier to the adoption of biometric authentication. Security is not free, not any form of it, biometric or otherwise. However, some biometrics like fingerprint readers and facial biometrics do require the presence of a sensor – which may or may not be readily available in the devices being considered by the systems designers. Voice biometric solutions typically leverage existing devices (telephones), so this is not really a concern. Interestingly, this was the #3 concern for consumers.
Reliability. The next top concern, at 59% of respondents, was reliability. Presumably, this means it won’t well consistently and/or will take multiple attempts to pass. Any biometric technology that does not have a well-understood enrollment process, willing participants, a good sensor, and a friendly usage environment could potentially suffer from reliability issues. However, most biometric technology is vastly better than it was only 2-3 years ago, and can handle imperfect situations, so hopefully this concern will subside as consumers gain confidence with today’s sensors and increased availability of biometrics. This was the #2 concern for consumers.
System Maintenance. The third concern, at 47%, was systems upgrade requirements. Not surprisingly, this was not listed by consumers, but clearly makes sense for the IT professionals who were surveyed. It is difficult to speak for other biometric technologies and vendors, but at VBG, all system upgrades are included with our service, and are performed by us. And, since we are a Platform-as-a-Service (PaaS) delivery model, there are rarely any additional costs or development resources need. The biggest requirement is the ability to work with the VBG team to schedule the system upgrade (which is often done in stages to minimize or eliminate down-time).
Storage/Data Management. 42% of respondents cited storage and management of the biometric data as a concern. Again, as a PaaS provider of voice biometric technology, VBG’s service addresses 100% of the maintenance and storage requirements of all voice biometric and operational data. And, VBG has invested significantly over the years to properly secure all data – in transit and at rest.
Distrust. The most interesting part of Bogdan’s post was his reference to trust-related issues: (65%) of IT professionals think there’s not enough transparency about the vulnerabilities discovered in biometric systems. 63% think there isn’t enough transparency regarding the privacy of biometric data collected by vendors. And, nearly 60% of IT professionals said they need more information about where technology vendors store biometric data.
Unfortunately, highly-publicized data leaks and privacy issues uncovered at companies like Facebook, are creating a negative halo for all companies who gather and manage personal data. This is warranted on some levels, but overshadows the on-going, diligent efforts by MOST companies who do the right thing relative to protecting the personal data they collect, and are not reselling or otherwise misusing it, etc. You'll never hear an international news story about a company protecting personal data properly -- which is the point of good security practices.
With the GDPR becoming official earlier this year, many companies across the globe have had to revamp their privacy and incident response (IR) policies, have had to add or enhance data encryption, and have had to add program supports for end users to have complete, transparent access to their data, along with the ability to control it. Transparency and the protection of end user data are very good things for all of us – and should go a long way toward helping biometric authentication companies gain the trust of IT professionals and end users alike.
Peter is an avid reader, particularly of high-tech topics. These articles express his opinion only, but he hopes you enjoy them!
Other Related Articles You May Enjoy
Click on any article title to read ...